Nmap Development mailing list archives
ARP scanning bug in nmap?
From: "RaMatkal" <RaMatkal () hotmail com>
Date: Mon, 20 Mar 2006 11:17:30 +0200
Firstly, great work on nmap!! I was performing a pen-test on a clients network a few days ago and was having a few problems with nmap 4.00..... i was sitting on the same subnet as a wireless device i was trying to scan.... wireless ip was something like 10.51.20.20/16 and my ip was 10.51.25.25/16 though i was not attached to the wireless network.... I could ping the wireless device with no problems but when i tried to scan the device with the usual nmap -sS -vv -O it came back with an error saying no ARP replies were found... I think i read somewhere that the new version of nmap first does an ARP scan if the device u want to scan sits on the same local network (which i was)....but for some reason nmap was not recognising the ARP responses.....(i wander if this has to do with the fact that i was on the same subnet as the wireless device but i was not attached to the wireless network...ie maybe only the access point replies to the ARP requests when it is attached to a switch and not the wireless devices communicating through it...) anyways, i tried using the -P0 to turn off the Ping and ARP scan but nmap still could not scan the device and said an ARP response was not returned from the device.... in short i tried several methods to scan the device but all failed with the same error... However, when i scanned the device with Nessus i had no problems....several open ports were found... Is there a way to switch off the ARP scan like you can switch off the ping scan with -P0 Thanks very much...sorry for the long email, and great work again! RaMatkal _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev
Current thread:
- ARP scanning bug in nmap? RaMatkal (Mar 20)
- <Possible follow-ups>
- RE: ARP scanning bug in nmap? Mike C (Mar 20)
- Re: ARP scanning bug in nmap? kx (Mar 20)